| 25 Jan 2026 |
 dramforever | lemme give it a try | 13:24:06 |
 matthewcroughan | Funny enough, system closures end up smaller if you cross compile instead of native | 13:24:32 |
| matthewcroughan | like I have a small nixos closure built with gnu-llvm-musl, and it comes out smaller than the one build without the gnu cross stuff | 13:24:51 |
| matthewcroughan | a few megabytes | 13:24:55 |
| matthewcroughan | there's also an accidental linkage to the llvm toolchain that occurs in the native setup that adds 40M | 13:25:29 |
| matthewcroughan | but even when that is corrected for, the cross-compiled setup produces smaller closures | 13:25:41 |
| dramforever | oh, got tricked by parallel build | 13:30:48 |
| dramforever | yeah it's compiling that with gcc aka $CC_FOR_BUILD | 13:31:07 |
| dramforever | which is std=c23 | 13:31:09 |
| dramforever | it's this line
gcc -c -DHAVE_CONFIG_H -DSHELL -I. -I.. -I.. -I../include -I../lib -I. -Wno-parentheses -Wno-format-security -g -DCROSS_COMPILING mkbuiltins.c
| 13:31:25 |
| dramforever | has nothing to do with the aarch64-unknown-linux-musl-clang line | 13:31:43 |
| dramforever | lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) does fix it | 13:36:15 |
| dramforever | i'm guessing if you don't condition it on cross it breaks the native bootstrap instead? | 13:36:44 |
| matthewcroughan | oooh yeah | 13:37:06 |
| matthewcroughan | I see | 13:37:08 |
| matthewcroughan | dramforever: next is iproute2 | 14:46:28 |
| matthewcroughan | https://termbin.com/sz51 | 14:47:02 |
| matthewcroughan | utils_math.c43:136:13: error: | #define SIOCGSTAMPNS use of undeclared identifier 'UINT_MAX'SI | 14:47:29 |
 Rick (Mindavi) | Missing include maybe? But would be strange vs normal compilation | 15:14:09 |
| 26 Jan 2026 |
| matthewcroughan | Mindavi: looks like it happens both on native and cross | 15:39:22 |
| matthewcroughan | This is the only thing blocking me from bumping https://github.com/MatthewCroughan/nixos-musl | 15:40:39 |
| matthewcroughan | maybe Grimmauld (any/all) knows? | 15:40:48 |
 Grimmauld (any/all) | no idea, iproute basically just works. Though i do run this:
{
lib,
...
}:
{
nixpkgs.overlays = [
(final: prev: {
networkmanager = prev.networkmanager.overrideAttrs (old: {
mesonFlags = lib.filter (f: !(lib.hasPrefix "-Diptables=" f)) old.mesonFlags or [ ];
});
iproute2 = prev.iproute2.override {
iptables = null;
};
nftables = prev.nftables.override { withXtables = false; };
})
];
networking.nftables.enable = true;
system.forbiddenDependenciesRegexes = [ "iptables" ];
}
No need for iptables if one can have nftables, might as well remove it from iproute. Maybe i got lucky and removed the bad code with that? Who knows
| 15:48:39 |
| matthewcroughan | is nftables the default in nixpkgs yet? | 15:51:55 |
| Grimmauld (any/all) | not yet | 15:52:10 |
| Grimmauld (any/all) | but its one of those things that is just better than the default | 15:52:23 |
| matthewcroughan | yeah, for sure | 15:53:07 |
| matthewcroughan | In nixos-musl, if I add those, iproute still ends up in the graph | 15:56:22 |
| matthewcroughan | 
Download image.png | 15:56:26 |
| matthewcroughan | remember this is for pkgs.nixos {} all defaults, maybe you've got some more config that somehow gets rid of iproute from the systemPackages too | 15:57:08 |
